[Openswan dev] MODECFG/IKECFG/MODE CONFIG openswan server and third party clients

Anna Wiejak anias at popoludnica.pl
Tue Dec 5 07:34:59 EST 2006


Recently I was working on the problem of modeconfig compatibility
between openswan server and softremote third-party client.
I found the reason why this doesn't work properly and implemented a
workaround on openswan server. The problem and solution is explained
in detail here:


Openswan implements the modeconfig in a different way then all other
solutions I've seen. I can't find out which behaviour is correct - it
looks like the details of deriving initialization vector iv for
payload encryption of mode config messages are not clearly defined in
ikecfg draft.

Can anyone elaborate on this please?


Anna Wiejak

More information about the Dev mailing list